I am currently working on an application running in GAE that will accept an image upload and then write it to the repository with the GCS client library (previously used the cloud storage API with the same results). The problem that I see is that after writing it, files are only available if you are already logged in with a Google account. I have billing enabled, and my GAE identifier ( XXXXXX@appspot.gserviceaccount.com ) is added as a team member to the Google API project as the owner.
I used the command: gsutil setdefacl public-read gs://mybucket (file name in real-time code).
I have the following entry in my ACL:
<Entry> <Scope type="AllUsers"/> <Permission> READ </Permission> </Entry>
And I initialize the entry with this code:
GcsService gcsService = GcsServiceFactory.createGcsService(); GcsFilename filename = new GcsFilename(bucket, fileName); GcsFileOptions options = new GcsFileOptions.Builder() .mimeType(mime) .acl("public-read").build(); GcsOutputChannel writeChannel = gcsService.createOrReplace(filename, options);
The application returns the file URL to the client, which, as I mentioned, is great for any Google user, but any other user is redirected when trying to access https://storage.cloud.google.com/mybucket/filename.png . Also, when I entered the cloud storage web interface, when I insert a box in the “SHARED PUBLICLY” column (which has a dash in it), I get the message “You do not have permission to view or edit this ACL object,”. However, I can delete the file without problems, and the account I logged in with is set up as the owner of the API project.
I am sure that I am missing something easy here, but I was on all the documents and worked on it for a couple of days. Any insight is greatly appreciated.
source share